[OE-core] [PATCH] Add ptest to curl

2022-06-19 Thread Yogesh Tyagi
- curl-ptest is taking around 270 seconds to execute so added curl-ptest to PTESTS_SLOW - This patch is rework on an existing patch provided by Maxin B. John (maxin.j...@intel.com) https://www.openembedded.org/pipermail/openembedded-core/2017-July/139176.html - Below is the run log of curl-pt

[OE-core] [dunfell][PATCH] openldap: CVE-2022-29155 OpenLDAP SQL injection

2022-06-19 Thread Hitendra Prajapati
Source: https://git.openldap.org/openldap/openldap MR: 117821 Type: Security Fix Disposition: Backport from https://git.openldap.org/openldap/openldap/-/commit/87df6c19915042430540931d199a39105544a134 ChangeID: d534808c796600ca5994bcda28938d45405bc7b4 Description: CVE-2022-29155 openldap:

[OE-core] [dunfell][PATCH] golang: CVE-2021-44717 syscall: don't close fd 0 on ForkExec error

2022-06-19 Thread Hitendra Prajapati
Source: https://github.com/golang/go MR: 114884 Type: Security Fix Disposition: Backport from https://github.com/golang/go/commit/44a3fb49 ChangeID: 7b28553d4e23828b20c3357b1cca79ee3ca18058 Description: CVE-2021-44717 golang: syscall: don't close fd 0 on ForkExec error. Signed-off-by: Hiten

[OE-core] [dunfell][PATCH] python-pip: CVE-2021-3572 Incorrect handling of unicode separators in git references

2022-06-19 Thread Hitendra Prajapati
Source: https://github.com/pypa/pip MR: 113864 Type: Security Fix Disposition: Backport from https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b ChangeID: 717948e217d6219d1f03afb4d984342d7dea4636 Description: CVE-2021-3572 python-pip: Incorrect handling of unicode se

[OE-core] [dunfell][PATCH] cyrus-sasl: CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands

2022-06-19 Thread Hitendra Prajapati
Source: https://github.com/cyrusimap/cyrus-sasl MR: 118501 Type: Security Fix Disposition: Backport from https://github.com/cyrusimap/cyrus-sasl/commit/9eff746c9daecbcc0041b09a5a51ba30738cdcbc ChangeID: 5e0fc4c28d97b498128e4aa5d3e7c012e914ef51 Description: CVE-2022-24407 cyrus-sasl: failure

Re: [OE-core] [kirkstone 00/26] Patch review

2022-06-19 Thread Sundeep KOKKONDA
Hello Randy, On 16-06-2022 19:49, Randy MacLeod wrote: On 2022-06-15 22:19, Sundeep KOKKONDA wrote: Hello, GCC regression test performed on /Kirkstone/ with gcc-11.3 & gcc-11.2. The results are *NOT* identical. Below is test summary. *gcc-11.3:* /                === gcc Summary ===/ /# of e

Re: [OE-core] [AUH] python3-jsonschema: upgrading to 4.6.0 FAILED

2022-06-19 Thread Tim Orling
On Sun, Jun 19, 2022 at 2:29 PM Ross Burton wrote: > Patches on the list. > > I’m now debating as to whether the class should be called hatch or > hatchling… > or face hugger > > Ross > > > On 18 Jun 2022, at 21:54, Alexander Kanavin > wrote: > > > > python3-jsonschema has replaced setuptools

[OE-core] [PATCH 3/3] python3-jsonschema: upgrade 4.5.1 -> 4.6.0

2022-06-19 Thread Ross Burton
Switch the build system from setuptools to hatch. Signed-off-by: Ross Burton --- ...hon3-jsonschema_4.5.1.bb => python3-jsonschema_4.6.0.bb} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename meta/recipes-devtools/python/{python3-jsonschema_4.5.1.bb => python3-jsonschema_4.6.0.

[OE-core] [PATCH 1/3] Add python3-hatchling (from meta-oe)

2022-06-19 Thread Ross Burton
Recipes in core are now needing to use the Hatch build system, so move the hatchling recipe and class from meta-oe to oe-core. Signed-off-by: Ross Burton --- meta/classes/python_hatchling.bbclass | 5 + meta/conf/distro/include/maintainers.inc | 1 + .../python/python3-hatchli

[OE-core] [PATCH 2/3] python3-hatch-vcs: add new recipe

2022-06-19 Thread Ross Burton
This recipe (a VCS plugin for Hatch) is needed by the new python3-jsonschema to build. Signed-off-by: Ross Burton --- meta/conf/distro/include/maintainers.inc | 1 + .../python/python3-hatch-vcs_0.2.0.bb| 12 2 files changed, 13 insertions(+) create mod

[OE-core][dunfell 12/12] archiver: don't use machine variables in shared recipes

2022-06-19 Thread Steve Sakoman
From: Jose Quaresma When using multiconfig with the same TMP folder we can have races because the shared recipes like gcc-source run twice. ARCHIVER_OUTDIR = ${ARCHIVER_TOPDIR}/${TARGET_SYS}/${PF}/ which includes TARGET_SYS and between the two different MACHINE values, this changes from 'arm-po

[OE-core][dunfell 10/12] e2fsprogs: add alternatives handling of lsattr as well

2022-06-19 Thread Steve Sakoman
From: Rasmus Villemoes Building busybox with CONFIG_LSATTR=y and installing that in the same filesystem as e2fsprogs breaks: ERROR: ... do_rootfs: Postinstall scriptlets of ['busybox'] have failed. If the intention is to defer them to first boot, then please place them into pkg_postinst_ont

[OE-core][dunfell 11/12] gcc-source: Fix incorrect task dependencies from ${B}

2022-06-19 Thread Steve Sakoman
From: Richard Purdie Some tasks may reference ${B} for gcc-source which in general would not exist. It has dependencies on HOST_SYS and TARGET_SYS which are not appropriate for a shared recipe like gcc-source. This causes problems for the archiver and multiconfigs in particular. Set B to somethin

[OE-core][dunfell 09/12] oescripts: change compare logic in OEListPackageconfigTests

2022-06-19 Thread Steve Sakoman
From: Mingli Yu When multilib enabled and add layers/meta-openembedded/meta-oe in conf/bblayers.conf, it reports below error when run oe-selftest. $ oe-selftest -r oescripts [snip] [20:36:33-0700] 2022-05-16 03:36:33,494 - oe-selftest - INFO - RESULTS - oescripts.OEListPackageconfigTests.tes

[OE-core][dunfell 08/12] archiver: use bb.note instead of echo

2022-06-19 Thread Steve Sakoman
From: Jose Quaresma Signed-off-by: Jose Quaresma Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from commit 6420c8a6a8143f53ccad7ab2d56b2ba06db83099) Signed-off-by: Steve Sakoman --- meta/classes/archiver.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-

[OE-core][dunfell 07/12] rootfs.py: close kernel_abi_ver_file

2022-06-19 Thread Steve Sakoman
From: Martin Jansa * fixes: oe-core/meta/lib/oe/rootfs.py:331: ResourceWarning: unclosed file <_io.TextIOWrapper name='pkgdata/mach/kernel-depmod/kernel-abiversion' mode='r' encoding='UTF-8'> kernel_ver = open(kernel_abi_ver_file).read().strip(' \n') Signed-off-by: Martin Jansa Signed-off

[OE-core][dunfell 06/12] license.bbclass: Bound beginline and endline in copy_license_files()

2022-06-19 Thread Steve Sakoman
From: Peter Kjellerstedt Ensure that begin_idx (i.e., beginline - 1) and end_idx (i.e., endline) are positive numbers in copy_license_files(). This makes sure the same lines are copied as populate_lic_qa_checksum() uses when it calculates the checksum. Before, beginline=0 would typically lead to

[OE-core][dunfell 05/12] alsa-plugins: fix libavtp vs. avtp packageconfig

2022-06-19 Thread Steve Sakoman
From: Marcel Ziswiler Fix PACKAGECONFIG to refer to libavtp instead of avtp as this is what the project and everything is really called everywhere. Signed-off-by: Marcel Ziswiler Signed-off-by: Richard Purdie (cherry picked from commit 8824d91fe2063195014c38c134b97946d3b429c2) Signed-off-by: S

[OE-core][dunfell 04/12] kernel-yocto.bbclass: Reset to exiting on non-zero return code at end of task

2022-06-19 Thread Steve Sakoman
From: Stefan Wiehler Several tasks deactivate exiting on non-zero return codes via set +e because they run subcommands that have legitimate non-zero return codes. However when appending to those tasks, this behavior is not expected and can lead to builds silently proceeding in case of an error. T

[OE-core][dunfell 03/12] vim: Upgrade 8.2.5034 -> 8.2.5083

2022-06-19 Thread Steve Sakoman
From: Richard Purdie Includes fixes for CVE-2022-1927, CVE-2022-1942. Signed-off-by: Richard Purdie Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit 1e740b5c2227c0040621ae63436d06db4873670f) Signed-off-by: Steve Sakoman --- meta/recipes-support/vim/v

[OE-core][dunfell 02/12] openssh: Whitelist CVE-2021-36368

2022-06-19 Thread Steve Sakoman
From: Pawan Badganchi As per debian, the issue is fixed by a feature called "agent restriction" in openssh 8.9. Urgency is unimportant as per debian, Hence this CVE is whitelisting. Link: https://security-tracker.debian.org/tracker/CVE-2021-36368 https://bugzilla.mindrot.org/show_bug.cgi?id=3316#

[OE-core][dunfell 01/12] cups: fix CVE-2022-26691

2022-06-19 Thread Steve Sakoman
In scheduler/cert.c the previous algorithm didn't expect the strings can have a different length, so one string can be a substring of the other and such substring was reported as equal to the longer string. Backport patch from upstream to fix: https://github.com/OpenPrinting/cups/commit/de4f8c1961

[OE-core][dunfell 00/12] Patch review

2022-06-19 Thread Steve Sakoman
Please review this set of patches for dunfell and have comments back by end of day Tuesday. Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3790 The following changes since commit 7e056e79a5acce8261cb5124c172cc40ad608b82: linux-yocto/5.4: update

[OE-core][kirkstone 15/15] liberror-perl: Update sstate/equiv versions to clean cache

2022-06-19 Thread Steve Sakoman
From: Richard Purdie There are cached reproducibility issues on the autobuilder due to the PRServ sstate checksum issues, flush the bad data out the system by bumping the versions. Signed-off-by: Richard Purdie (cherry picked from commit b12e6cfe3bb34e426c8bb74183d041948cb2ed89) Signed-off-by:

[OE-core][kirkstone 14/15] systemd: update 0008-add-missing-FTW_-macros-for-musl.patch

2022-06-19 Thread Steve Sakoman
From: Pavel Zhukov Fixes fuzz warning with insane class inherited introduced in 4c3f51142b Kirkstone specific, master has been updated to 251.2 and FTBFS with musl [Yocto 14838] Signed-off-by: Pavel Zhukov Signed-off-by: Steve Sakoman --- .../systemd/0008-add-missing-FTW_-macros-for-musl.pat

[OE-core][kirkstone 13/15] archiver: don't use machine variables in shared recipes

2022-06-19 Thread Steve Sakoman
From: Jose Quaresma When using multiconfig with the same TMP folder we can have races because the shared recipes like gcc-source run twice. ARCHIVER_OUTDIR = ${ARCHIVER_TOPDIR}/${TARGET_SYS}/${PF}/ which includes TARGET_SYS and between the two different MACHINE values, this changes from 'arm-po

[OE-core][kirkstone 11/15] git: fix override syntax in RDEPENDS

2022-06-19 Thread Steve Sakoman
From: Yi Zhao RDEPENDS_${PN}-tk -> RDEPENDS:${PN}-tk Signed-off-by: Yi Zhao Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit 1ed9267a318d53a302991a8ec7259d3bb809eaaa) Signed-off-by: Steve Sakoman --- meta/recipes-devtools/git/git_2.35.3.bb | 2 +- 1

[OE-core][kirkstone 12/15] gcc-source: Fix incorrect task dependencies from ${B}

2022-06-19 Thread Steve Sakoman
From: Richard Purdie Some tasks may reference ${B} for gcc-source which in general would not exist. It has dependencies on HOST_SYS and TARGET_SYS which are not appropriate for a shared recipe like gcc-source. This causes problems for the archiver and multiconfigs in particular. Set B to somethin

[OE-core][kirkstone 10/15] popt: fix override syntax in RDEPENDS

2022-06-19 Thread Steve Sakoman
From: Yi Zhao RDEPENDS_${PN}-ptest -> RDEPENDS:${PN}-ptest Signed-off-by: Yi Zhao Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit 37a47bfced900c2f1e239b216d8614eb290f2f0c) Signed-off-by: Steve Sakoman --- meta/recipes-support/popt/popt_1.18.bb | 2 +

[OE-core][kirkstone 09/15] e2fsprogs: add alternatives handling of lsattr as well

2022-06-19 Thread Steve Sakoman
From: Rasmus Villemoes Building busybox with CONFIG_LSATTR=y and installing that in the same filesystem as e2fsprogs breaks: ERROR: ... do_rootfs: Postinstall scriptlets of ['busybox'] have failed. If the intention is to defer them to first boot, then please place them into pkg_postinst_ont

[OE-core][kirkstone 08/15] oescripts: change compare logic in OEListPackageconfigTests

2022-06-19 Thread Steve Sakoman
From: Mingli Yu When multilib enabled and add layers/meta-openembedded/meta-oe in conf/bblayers.conf, it reports below error when run oe-selftest. $ oe-selftest -r oescripts [snip] [20:36:33-0700] 2022-05-16 03:36:33,494 - oe-selftest - INFO - RESULTS - oescripts.OEListPackageconfigTests.tes

[OE-core][kirkstone 07/15] xxhash: fix build with gcc 12

2022-06-19 Thread Steve Sakoman
From: Kai Kang It fails to compile xxhash when '-Og' is set in CFLAGS via such as set DEBUG_BUILD = '1' in local.conf. Check and disable inline when '-Og' exists. Signed-off-by: Kai Kang Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from commit 3464c67cd34acbb1a670

[OE-core][kirkstone 06/15] archiver: use bb.note instead of echo

2022-06-19 Thread Steve Sakoman
From: Jose Quaresma Signed-off-by: Jose Quaresma Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from commit 6420c8a6a8143f53ccad7ab2d56b2ba06db83099) Signed-off-by: Steve Sakoman --- meta/classes/archiver.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-

[OE-core][kirkstone 05/15] meson.bbclass: add cython binary to cross/native toolchain config

2022-06-19 Thread Steve Sakoman
From: Jack Mitchell This allows building Cython based Python modules with the native meson support which has been present since meson version 0.59. https://mesonbuild.com/Cython.html Signed-off-by: Jack Mitchell Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from c

[OE-core][kirkstone 04/15] devtool: Fix _copy_file() TypeError

2022-06-19 Thread Steve Sakoman
From: Xiaobing Luo when devtool finish, the _copy_file() failed. TypeError: _copy_file() got an unexpected keyword argument 'base_outdir' Fixes: 05f2d5d2ce00 ("devtool: finish: add dry-run option") Signed-

[OE-core][kirkstone 03/15] selftest/multiconfig: Test that multiconfigs in separate layers works

2022-06-19 Thread Steve Sakoman
From: Richard Purdie We should test that multiconfigs from a layer work, not just build/conf. This adds such a test. [YOCTO #13566] Signed-off-by: Richard Purdie Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from commit 2306261fb85d5d03145989c3af9c6897111644ae) Si

[OE-core][kirkstone 02/15] uboot-sign: Fix potential index error issues

2022-06-19 Thread Steve Sakoman
From: Richard Purdie Someone reported that if some other shell function has left i or j set, the concat_dtb_helper function could fail. Add a small tweak to avoid this. [YOCTO #14815] Signed-off-by: Richard Purdie Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from

[OE-core][kirkstone 01/15] vim: Upgrade 8.2.5034 -> 8.2.5083

2022-06-19 Thread Steve Sakoman
From: Richard Purdie Includes fixes for CVE-2022-1927, CVE-2022-1942. Signed-off-by: Richard Purdie Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit 1e740b5c2227c0040621ae63436d06db4873670f) Signed-off-by: Steve Sakoman --- meta/recipes-support/vim/v

[OE-core][kirkstone 00/15] Patch review

2022-06-19 Thread Steve Sakoman
Please review this set of patches for kirkstone and have comments back by end of day Tuesday. Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3799 The following changes since commit 0f7a8359ba370c7f5d5153453ed699e9566f5b1d: rootfs.py: close kern

[OE-core] [PATCH v6 7/7] libcheck: Fix too long shebang for native case.

2022-06-19 Thread Paulo Neves
It requires a shebang wrapper due to the fact that awk interpreter has an argument. --- meta/recipes-support/libcheck/libcheck_0.15.2.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-support/libcheck/libcheck_0.15.2.bb b/meta/recipes-support/libcheck/libcheck_0.15.2.bb index

[OE-core] [PATCH v6 4/7] oeqa/selftest: Add test for shebang overflow

2022-06-19 Thread Paulo Neves
Make sure we do not stage any executable with a bigger shebang than 128. Fixes [1] [1] https://bugzilla.yoctoproject.org/show_bug.cgi?id=11053 Signed-off-by: Paulo Neves --- .../sysroot-test/sysroot-shebang-test_1.0.bb | 12 meta/lib/oeqa/selftest/cases/sysroot.py

[OE-core] [PATCH v6 6/7] utils: Add cmdline_shebang_wrapper util.

2022-06-19 Thread Paulo Neves
Useful to work around shebang relocation issues, where shebangs are too long or have arguments in them, thus preventing them from using the /usr/bin/env shebang. --- .../wrapper/cmdline-shebang-wrapper-test.bb | 21 .../recipes-test/wrapper/files/test.awk | 2 ++ meta/classes

[OE-core] [PATCH v6 5/7] oeqa/selftest: Test staged .la and .pc files

2022-06-19 Thread Paulo Neves
These files are checked by qa_check_staged but there was no test cases for whether the tests actually worked. Now there are. Signed-off-by: Paulo Neves --- .../sysroot-test/sysroot-la-test_1.0.bb | 16 + .../sysroot-test/sysroot-pc-test_1.0.bb | 12 +++ meta/lib/oeqa/self

[OE-core] [PATCH v6 3/7] insane.bbclass: Make do_qa_staging check shebangs

2022-06-19 Thread Paulo Neves
As reported in the bug report [1], there was no check for shebang sizes on native scripts and now this is fixed. The path scope of the qa_staging was increased from just checking libdir to all the relevant SYSROOT_DIRS. It is possible to skip this check through INSANE_SKIP. [1] https://bugzilla.

[OE-core] [PATCH v6 1/7] python: Avoid shebang overflow on python-config.py

2022-06-19 Thread Paulo Neves
The native path may be too big, leading to shebang overflow. Just use the #!/usr/bin/env python3. Signed-off-by: Paulo Neves --- ...shebang-overflow-on-python-config.py.patch | 33 +++ .../recipes-devtools/python/python3_3.10.4.bb | 1 + 2 files changed, 34 insertions(+) create

[OE-core] [PATCH v6 2/7] gtk-doc: Fix potential shebang overflow on gtkdoc-mkhtml2

2022-06-19 Thread Paulo Neves
A native path can cause a shebang overflow on gtkdoc-mkhtml. Replace it with /usr/bin/env. Signed-off-by: Paulo Neves --- meta/recipes-gnome/gtk-doc/gtk-doc_1.33.2.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-gnome/gtk-doc/gtk-doc_1.33.2.bb b/meta/recipes-gnome/gtk-doc/gt

Re: [OE-core] [PATCH v5 6/7] utils: Add cmdline_shebang_wrapper util.

2022-06-19 Thread Paulo Neves
You are right never mind. Paulo Neves On 6/16/22 00:16, Peter Kjellerstedt wrote: -Original Message- From: Paulo Neves Sent: den 15 juni 2022 15:51 To: Peter Kjellerstedt ; Ross Burton Cc: openembedded-core@lists.openembedded.org Subject: Re: [OE-core] [PATCH v5 6/7] utils: Add cmdlin

[OE-core] [poky][meta][PATCHv2] signing-keys: fix RDEPENDS to signing-keys-dev

2022-06-19 Thread Federico Pellegrin
Specific provider (ie. RPM or IPK) does "provide" just itself as a package to the system. This will cause the "-dev" package, which refers to the generic signing-keys and not the provider specific, to miss the dependency. Error case (RPM) when populating sdk: Error: Problem: conflicting requests

[OE-core] OE-core CVE metrics for kirkstone on Sun 19 Jun 2022 03:00:01 AM HST

2022-06-19 Thread Steve Sakoman
Branch: kirkstone New this week: 0 CVEs Removed this week: 1 CVEs CVE-2022-27778 (CVSS3: 8.1 HIGH): curl:curl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27778 * Full list: Found 13 unpatched CVEs CVE-2019-12067 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native htt

[OE-core] OE-core CVE metrics for dunfell on Sun 19 Jun 2022 02:30:01 AM HST

2022-06-19 Thread Steve Sakoman
Branch: dunfell New this week: 3 CVEs CVE-2022-27779 (CVSS3: 5.3 MEDIUM): curl:curl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27779 * CVE-2022-27780 (CVSS3: 7.5 HIGH): curl:curl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27780 * CVE-2022-30115 (CVSS3:

[OE-core] OE-core CVE metrics for master on Sun 19 Jun 2022 02:00:01 AM HST

2022-06-19 Thread Steve Sakoman
Branch: master New this week: 0 CVEs Removed this week: 2 CVEs CVE-2022-1927 (CVSS3: 9.8 CRITICAL): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1927 * CVE-2022-1942 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1942 * Full list: Found 8 unp

Re: [OE-core] [PATCH v5 3/7] insane.bbclass: Make do_qa_staging check shebangs

2022-06-19 Thread Paulo Neves
Yes, when I was making the change I also realized the scope of the check was quite bigger than before. I am going to deliver the final changes requested and leave it up to you to decide on the merge. Let me know your decision so I can close the bug as well. Paulo Neves On Fri, Jun 17, 2022, 18:50